smaury's Avatar

smaury

@smaury

Co-Founder @shielder.com CTF Player jbz.team Cliff Jumping Lover (23mt max so far)

944
Followers 322
Following 49
Posts 19.07.2023
Joined
Posts Following

Latest posts by smaury @smaury

🀟🏿

01.02.2026 18:45 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Post image

Love breaking things just to see how they work? πŸ›πŸ”¨

​A @shielder.com delegation is on the ground at @fosdem.org, and we're looking for fellow hackers and security researchers.

​If you are passionate about securing the Open Source world, we definitely need to talk!

31.01.2026 08:29 πŸ‘ 3 πŸ” 3 πŸ’¬ 0 πŸ“Œ 1
Post image

Happy New Year, Hackers! πŸŽ†
We’re looking forward to a 2026 full of crazy exploits, instant patches, and - most importantly - YOU, the amazing human beings behind the screens.

31.12.2025 12:49 πŸ‘ 2 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Post image

Nano Banana opinion on this is

09.12.2025 13:02 πŸ‘ 4 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Post image

What's the Bobby Tables equivalent in #AI era?

09.12.2025 12:54 πŸ‘ 2 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0

Join us tomorrow to learn more about this cool audit!

01.12.2025 15:43 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Want to learn more about our approach into auditing complex libraries and writing cool exploits?

πŸ—“οΈ: Dec 02

πŸ•—: 20:00 CET

RSVP: luma.com/ostif-meetup...

25.11.2025 09:15 πŸ‘ 2 πŸ” 3 πŸ’¬ 0 πŸ“Œ 1
Preview
RomHack - Job opportunities Check for RomHack sponsor's job opportunities

πŸ‘‹πŸΏ Hackers!

Are you a Red Teaming Wizard πŸ§™πŸΏ looking for a new challenge? @shielder.com is hiring a Red Teaming Lead to join our crew!

More info ⬇️ (share appreciated) #hiring #redteaming
romhack.io/job-opportun...

07.08.2025 19:38 πŸ‘ 2 πŸ” 3 πŸ’¬ 0 πŸ“Œ 0

Working with folks from @lucasfilm.bsky.social, @ilmvfx.bsky.social, and Apple to secure some of the OSS foundations the movie and entertainment industries rely on was so cool!

Big shout-out πŸ“£ to the @ostifofficial.bsky.social and ASWF for making this possible.

31.07.2025 15:23 πŸ‘ 4 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Post image

The TumpiCon experience will start tomorrow!
Can't wait to meet y'all in Pinerolo 🏞️
Schedule is out: tumpicon.org

25.06.2025 20:23 πŸ‘ 7 πŸ” 2 πŸ’¬ 1 πŸ“Œ 0
Post image

Woah - thanks Nestlè and @intigriti.com!

23.05.2025 09:34 πŸ‘ 6 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Post image

It's so cool working with the GoogleVRP team - folks over there are amazing.
I love the concept of "you report something, then we work together with you to escalate it as much as possible".
High bounties are also a nice addendum :)
#BugBounty #bugbountytips

20.05.2025 18:53 πŸ‘ 7 πŸ” 0 πŸ’¬ 2 πŸ“Œ 0
Preview
RomHack Conference 2025 Schedule, talks and talk submissions for RomHack Conference 2025

Romhack is coming up and the CfP is still open!
Got novel research you’d love to present in front of an eager audience, with the stunning Roman landscape as your backdrop, and on the same stage where @jameskettle.com will deliver the keynote?
Submit now!
cfp.romhack.io/romhack-2025/

27.04.2025 06:35 πŸ‘ 2 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Post image

We are so excited to announce the publication of our audit of PHP core! This work was made possible through a collaboration between OSTIF, @thephpf.bsky.social, and @quarkslab.bsky.social with funding provided by @sovereign.tech. For the report and further links, check out ostif.org/php-audit-co...

10.04.2025 19:12 πŸ‘ 5 πŸ” 3 πŸ’¬ 0 πŸ“Œ 0
Post image

Is there a way I can wipe this from my brain?
Jim Carrey any recommendations?
mobapc.it/prodotto/sha...

10.04.2025 06:47 πŸ‘ 2 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Just published some talks on tumpicon.org
Wanna join us? Follow the trail πŸ₯Ύ

09.04.2025 09:35 πŸ‘ 6 πŸ” 3 πŸ’¬ 0 πŸ“Œ 1
Post image

Last week Apple released MacOS 13.4 which contains a fix for a vulnerability @suidpit.bsky.social exploited to escape the Sandbox.
Update now and stay tuned for the technical details!
Ref: support.apple.com/en-us/122373

07.04.2025 08:58 πŸ‘ 9 πŸ” 5 πŸ’¬ 0 πŸ“Œ 0
Post image

Woah -- more Google Chrome VRP swag in my mailbox today!

Wondering how to get some yourself? Find vulnerabilities in Chrome!

More info here: bughunters.google.com/about/rules/...

03.04.2025 12:20 πŸ‘ 4 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Preview
CEF Debugger Enabled in Google Web Designer | Google Bug Hunters Found a security vulnerability? Discover our forms for reporting security issues to Google: for the standard VRP, Google Play, and Play Data Abuse.

One of my old Google VRP reports just went public -- check it out if you want to see an example of CEF exploitation.

bughunters.google.com/reports/vrp/...

18.03.2025 13:02 πŸ‘ 8 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Preview
Security Code Audit of Mullvad VPN Β· Zoom Β· Luma Join us for a presentation and meetup with Markus Vervier and Eric Sesterhenn of X41 D-Sec GmbH around their company's audit of Mullvad VPN. Markus Vervier is…

Our next meetup is a presentation from our friends at X41 D-Sec GmbH. Join us next Wednesday, March 26th, at 14:00 CDT for a presentation and discussion with Markus Vervier and Eric Sesterhenn on their audit of @mullvad.bsky.social. We can't wait for this one! RSVP at lu.ma/wreregye

17.03.2025 19:50 πŸ‘ 3 πŸ” 3 πŸ’¬ 0 πŸ“Œ 0
Preview
A deep dive into Cellebrite: Android support as of February 2025 A deep dive into Cellebrite: Android support as of February 2025

We recently analyzed the latest Cellebrite device support matrix published in February 2025.
The reality is worrisome. It can be used to unlock most of the mobile devices we use every day.

Read our report:
(ENG) osservatorionessuno.org/blog/2025/03...
(ITA) osservatorionessuno.org/it/blog/2025...

17.03.2025 10:34 πŸ‘ 6 πŸ” 7 πŸ’¬ 0 πŸ“Œ 1

My pixel 7 almost melt down in my hands -- but yes!

14.03.2025 13:01 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Post image

Is this the year of cracking on smartphones?

14.03.2025 07:08 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Post image

Swag day -- thanks ChromeVRP and @amyre.bsky.social

13.03.2025 11:11 πŸ‘ 7 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0
Post image

In Lausanne for @1ns0mn1h4ck.bsky.social? Don’t miss the chance to meet our very own @not4nhacker.bsky.social! If you're into cursed OAuth hacking techniques or breaking mobile apps, find a comfy spot -- you might be there for a while!

13.03.2025 09:43 πŸ‘ 7 πŸ” 5 πŸ’¬ 0 πŸ“Œ 0

Hey hackers!
We’ve started sending out the first invites β€” check your inbox! πŸ‘€
Didn’t get one? Take the fast track and submit a talk!

06.02.2025 11:32 πŸ‘ 11 πŸ” 7 πŸ’¬ 1 πŸ“Œ 1

tmux and chill

07.03.2025 06:48 πŸ‘ 2 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0

πŸ—£οΈ

06.02.2025 11:36 πŸ‘ 2 πŸ” 0 πŸ’¬ 0 πŸ“Œ 1

On my way to @fosdem.bsky.social!
If you are into securing open source code then we should definitely have a chat -- looking forward to meeting y'all!

01.02.2025 03:08 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
GET /%0D%0ASet-Cookie: foo=bar 403 Forbidden GET /%E4%BC%8D%E4%BC%8ASet-Cookie: foo=bar 200 OK Set-Cookie: foo=bar

GET /%0D%0ASet-Cookie: foo=bar 403 Forbidden GET /%E4%BC%8D%E4%BC%8ASet-Cookie: foo=bar 200 OK Set-Cookie: foo=bar

Discover blocklist bypasses via unicode overflows using the latest updates to ActiveScan++, Hackvertor & Shazzer! Thanks to Ryan Barnett and Neh Patel for sharing this technique.

portswigger.net/research/byp...

28.01.2025 14:01 πŸ‘ 38 πŸ” 22 πŸ’¬ 0 πŸ“Œ 0